Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3133312e3139362e302e302f32322d3234203d3e203532323733.roa
File:                     3133312e3139362e302e302f32322d3234203d3e203532323733.roa (raw, json)
Hash identifier:          0bzlEFHZnpSNDjLe7Ruo26mI/7z4QjYpYqdwzaIPZOA=
Subject key identifier:   D3:C9:00:D8:B3:A8:5A:4D:A0:42:93:BE:42:2C:4A:4F:E9:31:4C:64
Certificate issuer:       /CN=3927FF3B5B92C88A2841A61BED02284FDFE90814
Certificate serial:       30D84F33FB0272AC9C635FCC27D2BEA0D7DB9093
Authority key identifier: 39:27:FF:3B:5B:92:C8:8A:28:41:A6:1B:ED:02:28:4F:DF:E9:08:14
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3927FF3B5B92C88A2841A61BED02284FDFE90814.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3133312e3139362e302e302f32322d3234203d3e203532323733.roa
Signing time:             Tue 04 Feb 2025 18:18:17 +0000
ROA not before:           Tue 04 Feb 2025 18:13:17 +0000
ROA not after:            Tue 03 Feb 2026 18:18:17 +0000
asID:                     52273
IP address blocks:        131.196.0.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:d8:4f:33:fb:02:72:ac:9c:63:5f:cc:27:d2:be:a0:d7:db:90:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3927FF3B5B92C88A2841A61BED02284FDFE90814
        Validity
            Not Before: Feb  4 18:13:17 2025 GMT
            Not After : Feb  3 18:18:17 2026 GMT
        Subject: CN=D3C900D8B3A85A4DA04293BE422C4A4FE9314C64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:f1:8c:dc:32:76:54:61:b8:62:33:3f:e9:fa:
                    e4:a9:4c:d7:44:c4:3e:66:d4:49:28:db:d9:d0:36:
                    d9:6e:43:00:bf:30:28:67:ec:2f:56:ce:2f:6d:d6:
                    a1:1b:3b:d9:23:7c:a7:1e:a2:c2:91:15:3b:80:2f:
                    dc:43:40:5d:1d:65:03:1e:b2:7b:9d:14:d2:ab:7b:
                    5b:c4:2c:24:9c:39:f7:dc:a1:36:45:9a:fe:9e:f9:
                    a4:25:4a:4e:cd:e1:29:05:9a:6f:14:88:00:3a:c1:
                    ee:0b:40:ee:b1:08:97:fd:c5:5c:14:b1:97:56:ca:
                    e1:69:e3:a6:ed:1d:4d:f8:4d:bd:46:4c:22:33:87:
                    65:b7:00:be:77:64:45:4e:3d:59:bb:54:47:86:a3:
                    b1:0a:5b:45:ec:d8:53:91:12:ee:38:af:17:3b:05:
                    bb:a4:a4:70:01:82:fd:9c:7d:c0:d0:3d:5d:72:d6:
                    20:f4:fd:c6:14:60:55:8b:3e:9c:4b:96:6c:24:fc:
                    ca:71:79:ff:c3:16:24:2c:60:64:f7:c2:32:81:4e:
                    69:81:a4:fa:18:3d:f7:bd:88:54:4a:23:da:47:4d:
                    6f:23:d9:e5:1e:c5:fb:c2:5c:78:3f:ac:02:d6:57:
                    b2:fa:3b:cb:78:b9:14:bf:af:45:54:9a:07:5f:ee:
                    47:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:C9:00:D8:B3:A8:5A:4D:A0:42:93:BE:42:2C:4A:4F:E9:31:4C:64
            X509v3 Authority Key Identifier:
                keyid:39:27:FF:3B:5B:92:C8:8A:28:41:A6:1B:ED:02:28:4F:DF:E9:08:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3927FF3B5B92C88A2841A61BED02284FDFE90814.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3927FF3B5B92C88A2841A61BED02284FDFE90814.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3133312e3139362e302e302f32322d3234203d3e203532323733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.196.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d2:94:9c:97:b1:de:f8:68:ec:7b:7f:82:ca:22:59:d3:43:74:
         70:5a:e2:25:f2:14:3d:bf:fb:79:5b:c8:10:24:ef:62:c5:fc:
         5b:cd:a8:7e:a1:b5:c1:a1:28:a3:7e:1c:f1:66:da:50:48:8d:
         4e:51:98:b7:fe:16:1a:03:a3:b8:9b:16:1f:56:4d:f6:02:f1:
         9b:19:38:c7:58:f1:f0:3a:2b:62:4e:1d:d4:8c:96:3f:ed:8b:
         be:2e:67:f9:1c:1c:df:9b:1d:25:5a:04:3b:ae:b7:8f:f5:09:
         bf:a1:bd:41:94:c9:8b:7e:50:45:fc:87:90:ac:de:eb:86:39:
         86:ef:53:63:3c:e3:2d:27:e4:e3:82:a7:ab:48:83:41:f4:53:
         61:19:bf:17:c5:ea:0d:1d:ea:93:a6:7c:d3:e6:52:a7:74:44:
         bf:c5:5a:74:a0:b0:04:16:57:d0:77:0a:d9:90:e2:f3:be:f2:
         f1:36:a2:48:ef:52:5d:f9:6c:60:b1:5a:57:d2:90:99:bf:37:
         bc:ef:b6:79:df:7c:52:e6:eb:3c:8d:5f:a4:e4:9c:34:39:33:
         3e:13:c6:52:92:e0:25:96:4f:68:43:3a:a9:23:95:ba:5c:e8:
         30:33:a8:85:f1:9b:d0:34:13:7a:d2:a3:d5:2f:f0:03:e2:d0:
         c4:34:a2:41
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUMNhPM/sCcqycY1/MJ9K+oNfbkJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzkyN0ZGM0I1QjkyQzg4QTI4NDFBNjFCRUQwMjI4NEZE
RkU5MDgxNDAeFw0yNTAyMDQxODEzMTdaFw0yNjAyMDMxODE4MTdaMDMxMTAvBgNV
BAMTKEQzQzkwMEQ4QjNBODVBNERBMDQyOTNCRTQyMkM0QTRGRTkzMTRDNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd8YzcMnZUYbhiMz/p+uSpTNdE
xD5m1Eko29nQNtluQwC/MChn7C9Wzi9t1qEbO9kjfKceosKRFTuAL9xDQF0dZQMe
snudFNKre1vELCScOffcoTZFmv6e+aQlSk7N4SkFmm8UiAA6we4LQO6xCJf9xVwU
sZdWyuFp46btHU34Tb1GTCIzh2W3AL53ZEVOPVm7VEeGo7EKW0Xs2FOREu44rxc7
BbukpHABgv2cfcDQPV1y1iD0/cYUYFWLPpxLlmwk/Mpxef/DFiQsYGT3wjKBTmmB
pPoYPfe9iFRKI9pHTW8j2eUexfvCXHg/rALWV7L6O8t4uRS/r0VUmgdf7kctAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU08kA2LOoWk2gQpO+QixKT+kxTGQwHwYDVR0j
BBgwFoAUOSf/O1uSyIooQaYb7QIoT9/pCBQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRTVDOEJCMUM5NjA3MTVCNjJDRUYyRjgwNjI1QkQ2NTVG
N0Q2NUY1NUNBRDYxNjJFRENDRDM2M0Q5ODYyRTU3LzAvMzkyN0ZGM0I1QjkyQzg4
QTI4NDFBNjFCRUQwMjI4NEZERkU5MDgxNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zOTI3RkYzQjVCOTJDODhBMjg0
MUE2MUJFRDAyMjg0RkRGRTkwODE0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUU1QzhCQjFDOTYwNzE1QjYyQ0VGMkY4MDYyNUJENjU1RjdENjVGNTVD
QUQ2MTYyRURDQ0QzNjNEOTg2MkU1Ny8wLzMxMzMzMTJlMzEzOTM2MmUzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzMjM3MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKDxAAwDQYJ
KoZIhvcNAQELBQADggEBANKUnJex3vho7Ht/gsoiWdNDdHBa4iXyFD2/+3lbyBAk
72LF/FvNqH6htcGhKKN+HPFm2lBIjU5RmLf+FhoDo7ibFh9WTfYC8ZsZOMdY8fA6
K2JOHdSMlj/ti74uZ/kcHN+bHSVaBDuut4/1Cb+hvUGUyYt+UEX8h5Cs3uuGOYbv
U2M84y0n5OOCp6tIg0H0U2EZvxfF6g0d6pOmfNPmUqd0RL/FWnSgsAQWV9B3CtmQ
4vO+8vE2okjvUl35bGCxWlfSkJm/N7zvtnnffFLm6zyNX6TknDQ5Mz4TxlKS4CWW
T2hDOqkjlbpc6DAzqIXxm9A0E3rSo9Uv8APi0MQ0okE=
-----END CERTIFICATE-----